Cisco Cisco Prime Virtual Network Analysis Module (vNAM) 6.1 White Paper
Page 4
©2014 Enterprise Management Associates, Inc. All Rights Reserved. | www.enterprisemanagement.com
4
Network Visibility in the Data Center:
Best Practices for Staying Ahead
Staying Ahead of Virtualized/Cloud Infrastructure
The new Cisco vNAM is a purely software-based version of the NAM solution, offering full NAM
features that can be deployed directly within a hypervisor. Initial support for KVM and ESX hypervisors
will be followed by support for Hyper–V at a later date. The Cisco vNAM can gather and analyze
packets via SPAN and ERSPAN, from a Cisco switch, as well as harvest NetFlow from any source. This
allows organizations to restore visibility inside of virtual compute environments and even to establish
direct visibility inside some external cloud settings (depending on cloud provider networking control
options). For example, by installing an instance of vNAM inside select hypervisors around the data
center, traffic flowing between VMs within those hypervisors (which never crosses a physical wire) can
be seen/monitored/analyzed. Further, deployment of NAMs for specific monitoring or troubleshooting
activities becomes much quicker and more flexible, since there are no physical appliances to deploy or
cabling to install for the vNAM.
The Cisco NAM has also been substantially enhanced to help recognize and maintain visibility into
The Cisco NAM has also been substantially enhanced to help recognize and maintain visibility into
and through various types of virtual network overlay encapsulations. For instance, existing support has
been expanded to add OTV, VXLAN, FabricPath, GRE, LISP, and others (see example in Figure 1).
The enhanced NAM automatically recognizes encapsulation protocols and applies de-encapsulation,
even in nested encapsulation situations such as VXLAN over OTV. With the use of network overlays
expanding rapidly, these capabilities are essential for revealing the true identity and nature of encapsulated
traffic, so that activity can be rightfully recognized and actions prioritized during both monitoring and
troubleshooting activities.
Figure 1: Visibility into OTV:Profiling the traffic across DCI link; identifying the
Top Talkers and Applications consuming the most bandwidth